CISA, FBI, USCYBEROM Issue Warning on ‘Kimsuky’ North Korean-Backed Hacking Group

CISA, FBI, USCYBEROM Issue Warning on ‘Kimsuky’ North Korean-Backed Hacking Group
Advanced Persistent Threat

The FBI, Cybersecurity and Infrastructure Security Agency (CISA) and U.S. Cyber Command Cyber National Mission Force (CNMF) have issued a joint advisory to warn the public of a North Korean-linked hacking group called Kimsuky.

The advanced persistent threat (APT) group uses social engineering and spearphishing tactics to infiltrate U.S. systems, according to the notice dated Tuesday.

CISA, FBI and CNMF utilized data from intelligence reporting and open-source databases to consolidate Kimsuky's tactics, techniques and procedures (TTP).

Kimsuky has also used stolen web hosting credentials to disseminate threats and created subdomains to mimic websites such as Google and Yahoo.

According to the advisory, Kimsuky conducts intelligence collection operations against organizations and individuals in the U.S., Japan and South Korea. The APT group was most likely launched in 2012, the notice states.

You may also be interested in...

DSX Spacecraft

AFRL Completes Service Life of Science Experiment Spacecraft; Michael Starks Quoted

The Air Force Research Laboratory (AFRL) has concluded operations of a nearly two-year-old spacecraft designed to serve as a testbed for various science experiments. The Demonstration and Science Experiments (DSX) spacecraft ended its service life on May 31st after 706 days of activities on orbit.